967cf3118a3b13985a589de4df587e70N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

967cf3118a3b13985a589de4df587e70N.exe
Size

200KB
MD5

967cf3118a3b13985a589de4df587e70
SHA1

f93fbd44a614088076717c036a74ff09af725cc6
SHA256

4d792f658365f3732b645a1df1b4b4cc158f87e1b327c624c859da17ff03120a
SHA512

5abb544d4657cdfb1e7d99302fefbf79eca8393bb51ecbebb18dc2e70e214ce463e72485eb7095734615fd34c826d0df018794b854ea3cfa2afd28014b65b46a
SSDEEP

3072:vEwd0ux5OLhDYQyF2lQBV+UdE+rECWp7hK2qRG:8vuDOL6/BV+UdvrEFp7hK2p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
967cf3118a3b13985a589de4df587e70N.exe

Files

967cf3118a3b13985a589de4df587e70N.exe
.dll windows:6 windows x86 arch:x86

ce4b255aed31734aae9f227f8e079d37

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

z:\windows\develop_sw\mastercd\multiport_1.66e\src\multiport_pci\pci\win2k\sbui\objfre_wxp_x86\i386\sbui.pdb

Imports

msvcrt

_iob
localeconv
isxdigit
isleadbyte
__mb_cur_max
mbtowc
isspace
_snprintf
calloc
_itoa
wctomb
_isatty
_write
_lseeki64
_fileno
_read
__pioinfo
__badioinfo
realloc
isdigit
memcpy
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter
_errno
strncmp
??2@YAPAXI@Z
memset
??3@YAXPAX@Z

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiSetDeviceRegistryPropertyA
SetupDiGetDeviceInstallParamsA
SetupDiSetDeviceInstallParamsA
SetupDiOpenDevRegKey
SetupDiDestroyDeviceInfoList
CM_Get_Child
CM_Get_Sibling
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegDeleteValueA
RegEnumValueA
RegOpenKeyExA

user32

SetWindowTextA
GetDlgItemInt
GetWindowLongA
EndDialog
SetWindowLongA
GetDlgItem
wsprintfA
CheckDlgButton
DialogBoxParamA
IsDlgButtonChecked
SendMessageA
EnableWindow
LoadStringA
MessageBoxA

comctl32

DestroyPropertySheetPage
CreatePropertySheetPageA

kernel32

TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetCurrentProcess
OutputDebugStringA
InterlockedCompareExchange
Sleep
InterlockedExchange
QueryDosDeviceA
DefineDosDeviceA
UnhandledExceptionFilter
RtlUnwind
SetUnhandledExceptionFilter
GetTickCount

msports

ComDBReleasePort
ComDBClose
ComDBOpen
ComDBClaimPort

Exports

Exports

SerialPropPageProvider

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce4b255aed31734aae9f227f8e079d37

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

setupapi

advapi32

user32

comctl32

kernel32

msports

Exports

Exports

Sections

.text Size: 37KB - Virtual size: 36KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 83KB - Virtual size: 82KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 37KB - Virtual size: 36KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 83KB - Virtual size: 82KB

.reloc
Size: 2KB - Virtual size: 2KB